[Busec] busec this week: Omkant Pandey (Wed 9am) ** UNUSUAL TIME! ***

Sharon Goldberg goldbe at cs.bu.edu
Tue Oct 21 22:36:46 EDT 2014

** Note unusual time for Wednesday's seminar:  We start at 9am! ***

At this week's busec seminar we host Omkant Pandey from UIUC, who will give
a talk about obfuscation.  The talk will be on Wednesday at 9am; breakfast
will be provided before/during the talk.

The following week, Haya Shulman from TU Darmstat will give a talk about
DNS privacy at our usual 10am Wednesday seminar.

See you there!

BUsec Calendar:  http://www.bu.edu/cs/busec/
BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec
How to get to BU from MIT: The CT2 bus or MIT's "Boston Daytime Shuttle"

The busec seminar gratefully acknowledges the support of BU's Center for
Reliable Information Systems and Cyber Security (RISCS).


Public-Coin Differing-Inputs Obfuscation and Its Applications
Omkant Pandey. UIUC.
October 22, 2014, 9-10am
Hariri Seminar Room, MCS148, 111 Cummington St

****UNUSUAL TIME & ROOM !!!!*******

Differing inputs obfuscation (diO) is a strengthening of
indistinguishability obfuscation (iO) that has recently found applications
to improving the efficiency and generality of obfuscation, functional
encryption, non-black-box simulation, and several other related primitives.
These applications require the “security” of diO to hold even in the
presence of an auxiliary input that is generated together with the
programs. However, recent negative results cast serious doubt on the
plausibility of general-purpose diO with respect to general auxiliary
inputs. This leaves open the existence of a variant of diO that is
plausible, simple, and useful for applications.

We suggest such a diO variant that we call *public-coin* diO. A public-coin
diO restricts the original definition of diO by requiring the auxiliary
input to be a public, trapdoor-free, random string which is given as input
to all relevant algorithms. In contrast to standard diO, it remains very
plausible that current candidate constructions of iO for circuits satisfy
the public-coin diO requirement.

We demonstrate the usefulness of the new notion by showing that several
applications of diO can be obtained by relying on the public-coin variant
instead. These include constructions of succinct obfuscation and functional
encryption schemes for Turing Machines as well as obfuscation-based
non-black-box simulation for (concurrent) zero-knowledge.


1st New England Networking and Systems Day
Boston University, Hariri Seminar Room, MCS180, 111 Cummington St
Oct 24, 2014, 9-4.30pm


Pretty Bad Privacy: Pitfalls of DNS Encryption
Haya Shulman. TU Darmstat.
October 29, 2014, 10-11am
Hariri Seminar Room, MCS180, 111 Cummington St

As awareness for privacy of Domain Name System (DNS) is increasing, a
number of mechanisms for encryption of DNS packets were proposed. We study
the prominent defences, focusing on the privacy guarantees,
interoperability with the DNS infrastructure, and the efficiency overhead.
In particular:

- We explore dependencies in DNS and show techniques that utilise side
channel leaks, due to transitive trust, allowing to infer information about
the target domain in an encrypted DNS packet.

- We examine common DNS servers configurations and show that the proposals
are expected to encounter deployment obstacles with (at least) $38\%$ of
50K-top Alexa domains and (at least) $12\%$ of the top-level domains
(TLDs), and will disrupt the DNS functionality and availability for clients.

- We show that due to the non-interoperability with the caches, the
proposals for end-to-end encryption may have a prohibitive traffic overhead
on the name servers.

Our work indicates that further study may be required to adjust the
proposals to stand up to their security guarantees, and to make them
suitable for the common servers' configurations in the DNS infrastructure.
Our study is based on collection and analysis of the DNS traffic of 50K-top
Alexa domains and 568 TLDs.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20141021/aa1d2389/attachment-0001.html>

More information about the Busec mailing list